Lead Cybersecurity Engineer
GLOBAL Recruitment Solutions LLC
- Oshkosh, WI
- $110,000-150,000 per year
- Permanent
- Full-time
1. Strong tech background-must be able to translate cybersecurity regulations and requirements into technical controls to advise the engineering team.
2. Participated or led cybersecurity compliance assessments: CMMC or ISO certification
3. Documented and demonstrated experience with defense regulatory compliance like CMMC, NIST, and DFARS.JOB SUMMARY:Designs and builds mission-critical vehicles and technology for defense, municipal and commercial customers worldwide. Protecting the confidentiality, integrity and availability of our information assets is foundational to that mission. You will be part of our cybersecurity-compliance program guiding teams to through CMMC, UK Cyber Essentials, PCI DSS and other regulatory certifications and serve as the expert who turns requirements into pragmatic, risk-based controls.WORK LOCATIONThis position follows a hybrid work model, with three days in-office and two days remote each week.The preferred location for this role is at the Global Headquarters in Oshkosh, WI, with relocation assistance available for candidates who are not local.However, we are also open to candidates based out of the following U.S. office locations:McConnellsburg, PA
Hagerstown, MD
Orlando, FLESSENTIAL DUTIES AND RESPONSIBILITIES:These duties are not meant to be all-inclusive, and other duties may be assigned.Participate in or lead Cybersecurity compliance efforts across the organization, including preparation for, scheduling, and leading assessments (e.g. CMMC).Translate Cybersecurity control requirements into system level configurations and interpret system security capabilities for compliance requirements.Prepare reports detailing policy, standard, process, and control gaps related to compliance requirements and provide remediation recommendations.Work with management as the subject matter expert to develop program budgets and associated projects. Coordinate with IT and business regional leads to develop or modify compliance plans and strategies for different cultures, nationalities, and languages.Experience leading or conducting IT audits including the ability to distill technical data down to stakeholder understanding in non-technical means. Keep informed on the latest research, trends, and developments in all regulatory compliance areas.Serve as a trusted advisor to business functional areas (e.g., Finance, HR, Engineering) and/or internal IT resources (such as infrastructure, apps, IT services.).Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Maintain expert awareness of all aspects of information security and compliance, including PCI, and SOC requirements for information systems and industry best practices, such as, NIST 800-53, 800-171, 172.Contribute to the development and maintenance of the Cybersecurity strategy.MINIMUM QUALIFICATIONS:Bachelors degree in Cybersecurity, Information Systems, Communications, Computer Science or equivalent.Six (6) or more years of experience in cybersecurity including direct involvement with regulatory or framework compliance (CMMC, NIST 800-171, PCI, ISO 27001, SOC2, FAR, DFARS, etc.)PREFERRED QUALIFICATIONS:Graduate degree in Cybersecurity, Information Systems, Management or equivalent.Relevant industry recognized certifications (CISSP, CEH, GIAC, Security+, SSAP, etc.)In-depth Knowledge and experience with regulatory compliance models (NIST, HIPAA, PCI, ISO, etc.).Hands-on design or operations background in at least one DT domain (infrastructure, cloud, or application development).Demonstrated knowledge of security controls for network, applications, and operating systems.Demonstrated conceptual, analytical, and innovative problem-solving and evaluative skills.Experience communicating conceptual and technical information both verbally (on phone, one-on-one, to groups) and in writing (emails, letters, reports, presentations) to various audiences (work group, team, company management, external clients).Experience with projects or issues of high complexity that require in-depth knowledge across multiple technical areas and lines of business.Experience conducting or leading IT audits.Hold an active or can obtain a U.S. Government Secret level or above clearance.Experience drafting information security policies, procedures, and standards.Experience testing effectiveness and adherence of cybersecurity controls.Translate complex contractual and regulatory requirements into actionable information system configurations.Experience collaborating in cross-functional work environments.